SSRF in Drupal Openai Provider
CVE-2026-13233
Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2.
Vulnerability class: SSRF (Server-Side Request Forgery)
Affected products
- Drupal Openai Provider — versions 0.0.0, 1.2.0